The basis of the ISO-26262 standard resides in the more generic IEC-61508, which has a broad field of application (industrial process, control and automation, as well as oil/gas, nuclear, etc.). ISO-26262 has been built on IEC-61508, but is totally dedicated to the automotive sector - more precisely its application is limited to safety-related electrical and electronic systems installed in series production passenger cars with a maximum gross weight of 3.500 kg. The first draft release surfaced in 2009, resulting in considerable commotion within the automotive sector. The widespread perception was that this would be another set of rules imposed on the industry, leading to longer development cycles and lots more paperwork. However, once the standard was in place, stakeholders quickly saw the benefits of such harmonization.
Benefits of ISO-26262
ISO-26262 allows car manufacturers to indemnify themselves from liability in case a malfunction remains undetected when following the standard, because the latter is treated by the judicial systems as ‘the reference for development’. At the process level it provides clear guidance on the development and validation of electrical and electronic systems, avoiding errors in implementation (which could otherwise induce expensive recall activity and damage the brand name). Benefits to customers, though not always recognized, are also present – the standard can give each of them confidence in their purchased automobile.
When it comes to functional safety, the overriding goal is to minimize the susceptibility to random hardware failures by taking the necessary design measures, defining the functional requirements and applying systematic analysis methods, and to avoid systematic failures through applied rigor in procedures within the development process. The automotive safety integrity level (ASIL) is key to ensuring ISO-26262 compliance is upheld. Determined at the start of the development process, it allows the functions of the automotive system in question to be analyzed and a thorough risk assessment to be carried out.
In fact, semiconductor suppliers cannot bring integrated circuits (ICs) to market which are ‘ASIL-x certified’ – as an ASIL is assigned to an application or function, rather than to an isolated hardware component or ‘element’. Any supplier claiming anything to the contrary simply isn’t taking the standard seriously and lacks a genuine understanding of the ISO-26262 complexities.